Virus : winupgro.exe | Help svp.
Résolu
zepiii
Messages postés
20
Statut
Membre
-
Utilisateur anonyme -
Utilisateur anonyme -
Hellooo,
J'ai essayé d'ouvrir une application (que j'avais par sécurité scanné avec Avira Antivir, qui lui n'a rien détécter...) Seulement voilà, bah y'avait un virus... Qu'est ce que je peux faire? (J'ai déjà un peu rechercher sur internet, télécharger findykill, option 2), ca a supprimé des trucs... mais apparament pas tout... en effet, lorsque que j'essaie de lancer Avira Antivir : il met "application win32 non valide"..
Merci de la bon ame qui m'aidera, et j'espère être mieux acceuilli que sur IDN, parce que la dernière fois qu j'ai un problème j'ai été receuillé comme une merde ^^
Bonne journée :)
PS : étant en exam.. je n'ai pas le temps de reformater mon pc et de tout réinstaller, et comme j'en ai besoin car une bonne partie de mes cours sont dessus.. je m'adresse à vous :)
J'ai essayé d'ouvrir une application (que j'avais par sécurité scanné avec Avira Antivir, qui lui n'a rien détécter...) Seulement voilà, bah y'avait un virus... Qu'est ce que je peux faire? (J'ai déjà un peu rechercher sur internet, télécharger findykill, option 2), ca a supprimé des trucs... mais apparament pas tout... en effet, lorsque que j'essaie de lancer Avira Antivir : il met "application win32 non valide"..
Merci de la bon ame qui m'aidera, et j'espère être mieux acceuilli que sur IDN, parce que la dernière fois qu j'ai un problème j'ai été receuillé comme une merde ^^
Bonne journée :)
PS : étant en exam.. je n'ai pas le temps de reformater mon pc et de tout réinstaller, et comme j'en ai besoin car une bonne partie de mes cours sont dessus.. je m'adresse à vous :)
A voir également:
- Virus : winupgro.exe | Help svp.
- Virus mcafee - Accueil - Piratage
- Virus informatique - Guide
- Panda anti virus gratuit - Télécharger - Antivirus & Antimalwares
- Undisclosed-recipients virus - Guide
- Ordinateur bloqué virus - Accueil - Arnaque
28 réponses
RAPPORT FINDYKILL tant qu'on y est :)
----------------- FindyKill V4.711 ------------------
* User : Zepiii - ZEP
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 11:14:33 le mer. 07/01/2009
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\Zepiii\Application Data
Found ! [07/01/2009 07:27] - "C:\Documents and Settings\Zepiii\Application Data\drivers"
Found ! [07/01/2009 07:27] - "C:\Documents and Settings\Zepiii\Application Data\drivers\downld"
»»»» Presence des fichiers dans C:\DOCUME~1\Zepiii\LOCALS~1\Temp
»»»» Presence des fichiers dans C:\Documents and Settings\Zepiii\Local Settings\Temporary Internet Files\Content.IE5
Found ! [10/07/2006 18:15] - C:\Program Files\UTILS\Paint.NET\FileTypes\DdsFileType_License.txt
Found ! [10/07/2006 18:01] - C:\Program Files\UTILS\Paint.NET\FileTypes\DdsFileType_ReadMe.txt
Found ! [19/03/2006 02:06] - C:\Program Files\UTILS\Paint.NET\FileTypes\JPEG 2000_Readme.txt
--------------- [ Registre / Startup ] ----------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
RocketDock="C:\Program Files\RocketDock\RocketDock.exe"
msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
DAEMON Tools Lite="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe
drvsyskit=C:\Documents and Settings\Zepiii\Application Data\drivers\winupgro.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
acerWireless=C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
LManager=C:\Program Files\Launch Manager\QtZgAcer.EXE
SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
ACU="C:\Program Files\Atheros\ACU.exe" -nogui
IntelZeroConfig="C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
IntelWireless="C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[HKEY_CURRENT_USER\software\local appwizard-generated applications\RocketDock]
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-842925246-926492609-725345543-1003\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit
Found ! - [HKEY_USERS\S-1-5-21-842925246-926492609-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
Ndisuio - Type de démarrage = 3
Ip6Fw - Type de démarrage = 2
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
/!\ wscsvc - Type de démarrage = 4
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
-> Not found !
------------------- ! Fin du rapport ! --------------------
----------------- FindyKill V4.711 ------------------
* User : Zepiii - ZEP
* Emplacement : C:\Program Files\FindyKill
* Outils Mis a jours le 05/01/09 par Chiquitine29
* Recherche effectuée à 11:14:33 le mer. 07/01/2009
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((((( *** Recherche *** ))))))))))))))))))
--------------- [ Processus actifs ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
--------------- [ Fichiers/Dossiers infectieux ] ----------------
»»»» Presence des fichiers dans C:
»»»» Presence des fichiers dans C:\WINDOWS
»»»» Presence des fichiers dans C:\WINDOWS\Prefetch
»»»» Presence des fichiers dans C:\WINDOWS\system32
»»»» Presence des fichiers dans C:\WINDOWS\system32\drivers
»»»» Presence des fichiers dans C:\Documents and Settings\Zepiii\Application Data
Found ! [07/01/2009 07:27] - "C:\Documents and Settings\Zepiii\Application Data\drivers"
Found ! [07/01/2009 07:27] - "C:\Documents and Settings\Zepiii\Application Data\drivers\downld"
»»»» Presence des fichiers dans C:\DOCUME~1\Zepiii\LOCALS~1\Temp
»»»» Presence des fichiers dans C:\Documents and Settings\Zepiii\Local Settings\Temporary Internet Files\Content.IE5
Found ! [10/07/2006 18:15] - C:\Program Files\UTILS\Paint.NET\FileTypes\DdsFileType_License.txt
Found ! [10/07/2006 18:01] - C:\Program Files\UTILS\Paint.NET\FileTypes\DdsFileType_ReadMe.txt
Found ! [19/03/2006 02:06] - C:\Program Files\UTILS\Paint.NET\FileTypes\JPEG 2000_Readme.txt
--------------- [ Registre / Startup ] ----------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
RocketDock="C:\Program Files\RocketDock\RocketDock.exe"
msnmsgr="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
DAEMON Tools Lite="C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
H/PC Connection Agent="C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
SuperCopier2.exe=C:\Program Files\SuperCopier2\SuperCopier2.exe
drvsyskit=C:\Documents and Settings\Zepiii\Application Data\drivers\winupgro.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\run]
ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
acerWireless=C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
LManager=C:\Program Files\Launch Manager\QtZgAcer.EXE
SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
ACU="C:\Program Files\Atheros\ACU.exe" -nogui
IntelZeroConfig="C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
IntelWireless="C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
avgnt="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
BluetoothAuthenticationAgent=rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
[HKEY_CURRENT_USER\software\local appwizard-generated applications\RocketDock]
--------------- [ Registre / Clés infectieuses ] ----------------
Found ! - HKEY_USERS\S-1-5-21-842925246-926492609-725345543-1003\Software\bisoft
Found ! - HKEY_CURRENT_USER\Software\bisoft
Found ! - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit
Found ! - [HKEY_USERS\S-1-5-21-842925246-926492609-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run] | drvsyskit
--------------- [ Etat / Services ] ----------------
+- Services : [ Auto=2 / Demande=3 / Désactivé=4 ]
Ndisuio - Type de démarrage = 3
Ip6Fw - Type de démarrage = 2
SharedAccess - Type de démarrage = 2
wuauserv - Type de démarrage = 2
/!\ wscsvc - Type de démarrage = 4
--------------- [ Recherche dans supports amovibles] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- presence des fichiers :
--------------- [ Registre / Mountpoint2 ] ----------------
-> Not found !
------------------- ! Fin du rapport ! --------------------
RAPPORT HIJACKTHIS aussi :)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:52, on 7/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Zepiii\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\Zepiii\Application Data\drivers\winupgro.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:16:52, on 7/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Zepiii\Bureau\HiJackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [drvsyskit] C:\Documents and Settings\Zepiii\Application Data\drivers\winupgro.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
Salut,
Findykill de chiquitine29 option 2:
▶ Branche tes disques amovibles à ton PC ( (clefs USB, disque dur externe, etc...) sans les ouvrir
▶ Double-clique sur le raccourci FindyKill sur ton bureau
▶ Au menu principal, choisisl'option 2 (Suppression)
/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\
▶ Ensuite, poste le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Findykill de chiquitine29 option 2:
▶ Branche tes disques amovibles à ton PC ( (clefs USB, disque dur externe, etc...) sans les ouvrir
▶ Double-clique sur le raccourci FindyKill sur ton bureau
▶ Au menu principal, choisisl'option 2 (Suppression)
/!\ Il y aura 2 redémarrages, laisse travailler l'outil jusqu'à l'apparition du message "nettoyage effectué" /!\
▶ Ensuite, poste le rapport FindyKill.txt
Note : le rapport FindyKill.txt est sauvegardé à la racine du disque.
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Bonjour, pas de disque externe ou clé USB dans mon appart, tout est chez moi et ce depuis plusieurs jours (j'ai eu le virus par aprés)..
Voici le rapport :
----------------- FindyKill V4.711 ------------------
* User : Zepiii - ZEP
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 11:24:18 the mer. 07/01/2009
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\Zepiii\Application Data
Deleted ! - "C:\Documents and Settings\Zepiii\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\Zepiii\Application Data\drivers"
»»»» Supression files in C:\DOCUME~1\Zepiii\LOCALS~1\Temp
»»»» Supression files in C:\Documents and Settings\Zepiii\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registry / Infected keys ] ----------------
Deleted ! - HKEY_CURRENT_USER\Software\bisoft
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe
--------------- [ States / Restarting of services ] ----------------
+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
Ip6Fw - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
/!\ wscsvc - Type of startup = 4
--------------- [ Cleaning removable drives ] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- deleting files :
--------------- [ Registry / Mountpoint2 ] ----------------
-> Not found !
--------------- [ Searching Other Infections ] ----------------
Suspect ! - d532a42b8f3f3787529bfe86d6cf5f02 C:\Program Files\eMule\Incoming\WebCamera\install_patch.exe
Suspect ! - d532a42b8f3f3787529bfe86d6cf5f02 C:\Program Files\RocketDock\RocketDock.exe
--------------- [ Searching Cracks / Keygen ] ----------------
---------------- ! End of report ! ------------------
MERCIII !
Voici le rapport :
----------------- FindyKill V4.711 ------------------
* User : Zepiii - ZEP
* executed from : C:\Program Files\FindyKill
* Update on 05/01/09 par Chiquitine29
* Start at 11:24:18 the mer. 07/01/2009
* Windows XP - Internet Explorer 7.0.5730.11
((((((((((((((( *** deleting *** ))))))))))))))))))
--------------- [ Active Processes ] ----------------
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
--------------- [ Infected files / folders ] ----------------
»»»» Supression files in C:
»»»» Supression files in C:\WINDOWS
»»»» Supression files in C:\WINDOWS\Prefetch
»»»» Supression files in C:\WINDOWS\system32
»»»» Supression files in C:\WINDOWS\system32\drivers
»»»» Supression files in C:\Documents and Settings\Zepiii\Application Data
Deleted ! - "C:\Documents and Settings\Zepiii\Application Data\drivers\downld"
Deleted ! - "C:\Documents and Settings\Zepiii\Application Data\drivers"
»»»» Supression files in C:\DOCUME~1\Zepiii\LOCALS~1\Temp
»»»» Supression files in C:\Documents and Settings\Zepiii\Local Settings\Temporary Internet Files\Content.IE5
--------------- [ Registry / Infected keys ] ----------------
Deleted ! - HKEY_CURRENT_USER\Software\bisoft
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mdelk.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wintems.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\flec006.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hldrrr.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winfilse.exe
Deleted ! - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupgro.exe
--------------- [ States / Restarting of services ] ----------------
+- Services : [ Auto=2 / Request=3 / Disable=4 ]
Ndisuio - Type of startup = 3
Ip6Fw - Type of startup = 2
SharedAccess - Type of startup = 2
wuauserv - Type of startup = 2
/!\ wscsvc - Type of startup = 4
--------------- [ Cleaning removable drives ] ----------------
+- Informations :
C: - Lecteur fixe
D: - Lecteur fixe
+- deleting files :
--------------- [ Registry / Mountpoint2 ] ----------------
-> Not found !
--------------- [ Searching Other Infections ] ----------------
Suspect ! - d532a42b8f3f3787529bfe86d6cf5f02 C:\Program Files\eMule\Incoming\WebCamera\install_patch.exe
Suspect ! - d532a42b8f3f3787529bfe86d6cf5f02 C:\Program Files\RocketDock\RocketDock.exe
--------------- [ Searching Cracks / Keygen ] ----------------
---------------- ! End of report ! ------------------
MERCIII !
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Re,
▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
▶ Double clique sur RSIT.exe pour lancer l'outil.
▶ Clique sur ' continue ' à l'écran Disclaimer.
▶ Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
▶ Télécharge random's system information tool (RSIT) et enregistre le sur ton bureau.
▶ Double clique sur RSIT.exe pour lancer l'outil.
▶ Clique sur ' continue ' à l'écran Disclaimer.
▶ Si l'outil HIjackThis (version à jour) n'est pas présent ou non détecté sur l'ordinateur, RSIT le téléchargera et tu devras accepter la licence.
▶ Une fois le scan fini , 2 rapports vont apparaitre. Poste le contenu des 2 rapports
( log.txt & info.txt )
(CTRL+A Pour tout selectionner , CTRL+C pour copier et CTRL+V pour coller )
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
LOG
Logfile of random's system information tool 1.05 (written by random/random)
Run by Zepiii at 2009-01-07 11:37:22
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (50%) free of 15 GB
Total RAM: 1022 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:37:24, on 7/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\Zepiii\Bureau\RSIT.exe
C:\Documents and Settings\Zepiii\Bureau\Zepiii.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
Logfile of random's system information tool 1.05 (written by random/random)
Run by Zepiii at 2009-01-07 11:37:22
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (50%) free of 15 GB
Total RAM: 1022 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:37:24, on 7/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\Zepiii\Bureau\RSIT.exe
C:\Documents and Settings\Zepiii\Bureau\Zepiii.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
INFO
info.txt logfile of random's system information tool 1.05 2009-01-07 11:37:26
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
acer Wireless LAN-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4820DD99-52D1-42BB-927E-B6B6DF231AF5}\Setup.exe" -l0x9 UNINSTALL
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Shockwave Player-->MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Client Windows Rights Management avec Service Pack 2-->MsiExec.exe /X{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}
Conexant AC-Link Audio-->CIAunwdm.exe
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Generator-->C:\Program Files\Microsoft ActiveSync\Generator\Uninstall.exe Generator
HijackThis 2.0.2-->"C:\Documents and Settings\Zepiii\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB909394)-->"C:\WINDOWS\$NtUninstallKB909394$\spuninst\spuninst.exe"
HuGo-->C:\Program Files\Microsoft ActiveSync\HuGo\Uninstall.exe HuGo
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Intel PROSet Wireless-->Intel PROSet Wireless
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Launch Manager-->C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Marat-->C:\Program Files\Microsoft ActiveSync\Marat\Uninstall.exe Marat
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
MorphGear-->C:\Program Files\Microsoft ActiveSync\MorphGear\Uninstall.exe MorphGear
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{025B7033-5D4A-4B72-A1C2-84BE4BE2F72F}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PDAmill Snails for PocketPC 1.9b3 (Full Version)-->C:\WINDOWS\UnGins.exe "C:\Program Files\PDAmill\Snails for PocketPC Full\install.log"
Programme d'installation d'Atheros Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92F31257-15BA-46EE-887D-3C18C0790ACE}\setup.exe" -l0x40c -removeonly
Resco Bubbles-->C:\WINDOWS\RSetupCE.exe -uninstC:\Program Files\Resco\Bubbles\_Install.log
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Satsuki Decoder Pack 4000-->C:\Program Files\Satsuki Decoder Pack\Uninstall.exe
Security Update for Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update pour Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ for Windows Mobile 2.5-->"C:\Program Files\Microsoft ActiveSync\Skype for Windows Mobile\unins000.exe"
SNES9x-->C:\Program Files\Microsoft ActiveSync\SNES9x\Uninstall.exe SNES9x
SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_00661025\HXFSETUP.EXE -U -Iqta00665.inf
Spb Brain Evolution-->C:\Program Files\Microsoft ActiveSync\Spb Brain Evolution\Uninstall.exe Spb Brain Evolution
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Syntact Snails for PocketPC (Full Version)-->C:\WINDOWS\UnGins.exe "C:\Program Files\Syntact\Snails for PocketPC Full\install.log"
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
X'nStop 1.2-->"C:\Program Files\X'nStop\unins000.exe"
Securitycenter WMI appears to be broken
System event log
Computer Name: ZEP
Event Code: 15007
Message: La réservation de l'espace de nom identifié par le préfixe d'URL http://*:2869/ a été correctement ajoutée.
Record Number: 5
Source Name: HTTP
Time Written: 20081227200558.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 3260
Message: Cet ordinateur a correctement été joint au workgroup 'WORKGROUP'.
Record Number: 4
Source Name: Workstation
Time Written: 20081227200159.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 6011
Message: Le nom NetBIOS et le nom de l'hôte DNS de cet ordinateur ont été modifiés de MACHINENAME vers ZEP.
Record Number: 3
Source Name: EventLog
Time Written: 20081227195929.000000+060
Event Type: information
User:
Computer Name: MACHINENAME
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.
Record Number: 2
Source Name: EventLog
Time Written: 20081227205055.000000+060
Event Type: information
User:
Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20081227205055.000000+060
Event Type: information
User:
Application event log
Computer Name: ZEP
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur ZEP\Zepiii alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.
Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
Record Number: 510
Source Name: Userenv
Time Written: 20090107112137.000000+060
Event Type: warning
User: AUTORITE NT\SYSTEM
Computer Name: ZEP
Event Code: 2002
Message:
Record Number: 509
Source Name: EAPOL
Time Written: 20090107072716.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 2003
Message:
Record Number: 508
Source Name: EAPOL
Time Written: 20090107072716.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 0
Message:
Record Number: 507
Source Name: RegSrvc
Time Written: 20090107072703.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 0
Message:
Record Number: 506
Source Name: EvtEng
Time Written: 20090107072703.000000+060
Event Type: information
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Intel\WiFi\bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"DEVMGR_SHOW_DETAILS"=1
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.05 2009-01-07 11:37:26
======Uninstall list======
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
acer Wireless LAN-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4820DD99-52D1-42BB-927E-B6B6DF231AF5}\Setup.exe" -l0x9 UNINSTALL
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Shockwave Player-->MsiExec.exe /X{A7DB362E-16DC-4E29-8A34-E74381E00B5B}
Archiveur WinRAR-->C:\Program Files\WinRAR\uninstall.exe
Assistant de connexion Windows Live-->MsiExec.exe /I{D6E592B3-67DA-4BBB-9783-E1838FB253A2}
ATI - Utilitaire de désinstallation du logiciel-->C:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
ATI Control Panel-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver-->rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Client Windows Rights Management avec Service Pack 2-->MsiExec.exe /X{1D13221B-42DE-4B3C-A43F-0F6AF3CF3DA2}
Conexant AC-Link Audio-->CIAunwdm.exe
DAEMON Tools Toolbar-->C:\Program Files\DAEMON Tools Toolbar\uninst.exe
eMule-->"C:\Program Files\eMule\Uninstall.exe"
FindyKill-->C:\Program Files\FindyKill\Uninstal.exe
Generator-->C:\Program Files\Microsoft ActiveSync\Generator\Uninstall.exe Generator
HijackThis 2.0.2-->"C:\Documents and Settings\Zepiii\Bureau\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB909394)-->"C:\WINDOWS\$NtUninstallKB909394$\spuninst\spuninst.exe"
HuGo-->C:\Program Files\Microsoft ActiveSync\HuGo\Uninstall.exe HuGo
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{3CCB732A-E472-4CF9-B1EE-F18365341FE0}
Intel PROSet Wireless-->Intel PROSet Wireless
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Launch Manager-->C:\WINDOWS\UnInst32.exe QtZgAcer.UNI
LimeWire 4.18.8-->"C:\Program Files\LimeWire\uninstall.exe"
Marat-->C:\Program Files\Microsoft ActiveSync\Marat\Uninstall.exe Marat
MediaMonkey 3.0-->"C:\Program Files\MediaMonkey\unins000.exe"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Office Access MUI (French) 2007-->MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}
Microsoft Office Excel MUI (French) 2007-->MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (French) 2007-->MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}
Microsoft Office Outlook MUI (French) 2007-->MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (French) 2007-->MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2003-->MsiExec.exe /X{90AF040C-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Arabic) 2007-->MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (French) 2007-->MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}
Microsoft Office Publisher MUI (French) 2007-->MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}
Microsoft Office Shared MUI (French) 2007-->MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}
Microsoft Office Word MUI (French) 2007-->MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}
Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall
Mise à jour de sécurité pour Lecteur Windows Media 10 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"
Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0 Language Pack - FRA\install.exe
MorphGear-->C:\Program Files\Microsoft ActiveSync\MorphGear\Uninstall.exe MorphGear
Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{025B7033-5D4A-4B72-A1C2-84BE4BE2F72F}
Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Paint.NET v3.36-->MsiExec.exe /X{43602F34-1AA3-44FB-AEB2-D08C2C73743F}
PDAmill Snails for PocketPC 1.9b3 (Full Version)-->C:\WINDOWS\UnGins.exe "C:\Program Files\PDAmill\Snails for PocketPC Full\install.log"
Programme d'installation d'Atheros Client-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{92F31257-15BA-46EE-887D-3C18C0790ACE}\setup.exe" -l0x40c -removeonly
Resco Bubbles-->C:\WINDOWS\RSetupCE.exe -uninstC:\Program Files\Resco\Bubbles\_Install.log
RocketDock 1.3.5-->"C:\Program Files\RocketDock\unins000.exe"
Satsuki Decoder Pack 4000-->C:\Program Files\Satsuki Decoder Pack\Uninstall.exe
Security Update for Microsoft .NET Framework 2.0 (KB917283)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {967B098A-042D-4367-BAC9-8BC11684174F} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update pour Microsoft .NET Framework 2.0 (KB922770)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {0E92DD42-76F5-4EF2-B381-F9C1D72BE23D} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}
Skype™ for Windows Mobile 2.5-->"C:\Program Files\Microsoft ActiveSync\Skype for Windows Mobile\unins000.exe"
SNES9x-->C:\Program Files\Microsoft ActiveSync\SNES9x\Uninstall.exe SNES9x
SoftV92 Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_8086&DEV_266D&SUBSYS_00661025\HXFSETUP.EXE -U -Iqta00665.inf
Spb Brain Evolution-->C:\Program Files\Microsoft ActiveSync\Spb Brain Evolution\Uninstall.exe Spb Brain Evolution
SuperCopier2-->"C:\Program Files\SuperCopier2\SC2Uninst.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Syntact Snails for PocketPC (Full Version)-->C:\WINDOWS\UnGins.exe "C:\Program Files\Syntact\Snails for PocketPC Full\install.log"
Windows Live Call-->MsiExec.exe /I{01523985-2098-43AF-9C97-12B07BE02A9B}
Windows Live Communications Platform-->MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Messenger-->MsiExec.exe /X{059C042E-796A-4ACC-A81A-ECC2010BB78C}
X'nStop 1.2-->"C:\Program Files\X'nStop\unins000.exe"
Securitycenter WMI appears to be broken
System event log
Computer Name: ZEP
Event Code: 15007
Message: La réservation de l'espace de nom identifié par le préfixe d'URL http://*:2869/ a été correctement ajoutée.
Record Number: 5
Source Name: HTTP
Time Written: 20081227200558.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 3260
Message: Cet ordinateur a correctement été joint au workgroup 'WORKGROUP'.
Record Number: 4
Source Name: Workstation
Time Written: 20081227200159.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 6011
Message: Le nom NetBIOS et le nom de l'hôte DNS de cet ordinateur ont été modifiés de MACHINENAME vers ZEP.
Record Number: 3
Source Name: EventLog
Time Written: 20081227195929.000000+060
Event Type: information
User:
Computer Name: MACHINENAME
Event Code: 6005
Message: Le service d'Enregistrement d'événement a démarré.
Record Number: 2
Source Name: EventLog
Time Written: 20081227205055.000000+060
Event Type: information
User:
Computer Name: MACHINENAME
Event Code: 6009
Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Uniprocessor Free.
Record Number: 1
Source Name: EventLog
Time Written: 20081227205055.000000+060
Event Type: information
User:
Application event log
Computer Name: ZEP
Event Code: 1517
Message: Windows a sauvegardé le Registre utilisateur ZEP\Zepiii alors qu'une application ou un service utilisait toujours le Registre pendant la fermeture de la session. La mémoire utilisée par le Registre de l'utilisateur n'a pas été libérée. le Registre sera déchargé lorsqu'il ne sera plus utilisé.
Cela est souvent causé par des services s'exécutant en tant que compte d'utilisateur, essayez de configurer les services pour s'exécuter dans le compte service réseau ou service local.
Record Number: 510
Source Name: Userenv
Time Written: 20090107112137.000000+060
Event Type: warning
User: AUTORITE NT\SYSTEM
Computer Name: ZEP
Event Code: 2002
Message:
Record Number: 509
Source Name: EAPOL
Time Written: 20090107072716.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 2003
Message:
Record Number: 508
Source Name: EAPOL
Time Written: 20090107072716.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 0
Message:
Record Number: 507
Source Name: RegSrvc
Time Written: 20090107072703.000000+060
Event Type: information
User:
Computer Name: ZEP
Event Code: 0
Message:
Record Number: 506
Source Name: EvtEng
Time Written: 20090107072703.000000+060
Event Type: information
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Intel\WiFi\bin\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 13 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0d08
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"DEVMGR_SHOW_DETAILS"=1
-----------------EOF-----------------
LOG PART 1 :
Logfile of random's system information tool 1.05 (written by random/random)
Run by Zepiii at 2009-01-07 11:37:22
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (50%) free of 15 GB
Total RAM: 1022 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:37:24, on 7/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\Zepiii\Bureau\RSIT.exe
C:\Documents and Settings\Zepiii\Bureau\Zepiii.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
Logfile of random's system information tool 1.05 (written by random/random)
Run by Zepiii at 2009-01-07 11:37:22
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (50%) free of 15 GB
Total RAM: 1022 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:37:24, on 7/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Documents and Settings\Zepiii\Bureau\RSIT.exe
C:\Documents and Settings\Zepiii\Bureau\Zepiii.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
LOG PART 2:
2008-12-27 20:39:16 ----D---- C:\WINDOWS\WinSxS
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Web
2008-12-27 20:39:16 ----D---- C:\WINDOWS\twain_32
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Temp
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\wins
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\wbem
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\usmt
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\spool
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\Setup
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\ras
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\oobe
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\npp
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\mui
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\IME
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\icsxml
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\ias
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\fr-fr
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\export
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\en
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\drivers
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\dhcp
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\config
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\3076
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\2052
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1054
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1042
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1041
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1037
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1036
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1033
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1031
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1028
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1025
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system
2008-12-27 20:39:16 ----D---- C:\WINDOWS\security
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Resources
2008-12-27 20:39:16 ----D---- C:\WINDOWS\repair
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Provisioning
2008-12-27 20:39:16 ----D---- C:\WINDOWS\PeerNet
2008-12-27 20:39:16 ----D---- C:\WINDOWS\pchealth
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Offline Web Pages
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Network Diagnostic
2008-12-27 20:39:16 ----D---- C:\WINDOWS\mui
2008-12-27 20:39:16 ----D---- C:\WINDOWS\msapps
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Media
2008-12-27 20:39:16 ----D---- C:\WINDOWS\java
2008-12-27 20:39:16 ----D---- C:\WINDOWS\inf
2008-12-27 20:39:16 ----D---- C:\WINDOWS\ime
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Help
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Fonts
2008-12-27 20:39:16 ----D---- C:\WINDOWS\ehome
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Driver Cache
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Debug
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Cursors
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Connection Wizard
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Config
2008-12-27 20:39:16 ----D---- C:\WINDOWS\AppPatch
2008-12-27 20:39:16 ----D---- C:\WINDOWS\addins
2008-12-27 20:39:16 ----D---- C:\WINDOWS
2008-12-27 20:31:54 ----AD---- C:\WINDOWS\i386
2008-12-27 20:31:23 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-27 20:31:23 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-27 20:31:23 ----A---- C:\WINDOWS\system32\java.exe
2008-12-27 20:31:09 ----D---- C:\Program Files\Java
2008-12-27 20:31:09 ----D---- C:\Program Files\Fichiers communs\Java
2008-12-27 20:31:03 ----D---- C:\Documents and Settings\Zepiii\Application Data\Sun
2008-12-27 20:31:00 ----D---- C:\Documents and Settings\Zepiii\Application Data\Macromedia
2008-12-27 20:30:58 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2008-12-27 20:30:58 ----A---- C:\WINDOWS\system32\NPSWF32.dll
2008-12-27 20:30:29 ----D---- C:\WINDOWS\system32\DRM
2008-12-27 20:29:56 ----D---- C:\Program Files\WMV9_VCM
2008-12-27 20:29:53 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-27 20:29:34 ----D---- C:\Program Files\Windows Media Connect 2
2008-12-27 20:28:42 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-27 20:28:22 ----D---- C:\Program Files\Microsoft Office
2008-12-27 20:27:26 ----D---- C:\WINDOWS\system32\windowspowershell
2008-12-27 20:25:31 ----D---- C:\WINDOWS\system32\URTTEMP
2008-12-27 20:19:13 ----RSD---- C:\WINDOWS\assembly
2008-12-27 20:18:53 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-27 20:17:29 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-27 20:17:29 ----A---- C:\WINDOWS\system32\wups2.dll
2008-12-27 20:17:01 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-27 20:16:55 ----D---- C:\Program Files\MSXML 4.0
2008-12-27 20:16:32 ----N---- C:\WINDOWS\system32\WinAudit.exe
2008-12-27 20:16:32 ----N---- C:\WINDOWS\system32\TCPOptimizer203fr.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\TweakUi.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\TransBar.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\SuperFinder.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\Starter.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\SMPSeesaw.exe
2008-12-27 20:16:31 ----N---- C:\WINDOWS\system32\Siw.exe
2008-12-27 20:16:31 ----N---- C:\WINDOWS\system32\Ntest.exe
2008-12-27 20:16:31 ----N---- C:\WINDOWS\system32\MGADiag.exe
2008-12-27 20:16:31 ----N---- C:\WINDOWS\system32\IcoSauve.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\shman.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\SendToRemove.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\SendToAdd.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\Refresh.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\pagedfrg.exe
2008-12-27 20:16:30 ----N---- C:\WINDOWS\system32\deadlink.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\faview.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\Extinction.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\Enregistrer sous Test.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\Enregistrer sous Editeur.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\aspichk.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\Aide.exe
2008-12-27 20:16:12 ----A---- C:\WINDOWS\system32\Starter.exe.manifest
2008-12-27 20:16:05 ----N---- C:\WINDOWS\system32\WinAudit.ini
2008-12-27 20:16:05 ----N---- C:\WINDOWS\system32\oeminfo.ini
2008-12-27 20:16:05 ----A---- C:\WINDOWS\system32\TransBar.ini
2008-12-27 20:16:05 ----A---- C:\WINDOWS\system32\Starter.ini
2008-12-27 20:16:05 ----A---- C:\WINDOWS\system32\shman_lng.ini
2008-12-27 20:16:05 ----A---- C:\WINDOWS\system32\faview_lng.ini
2008-12-27 20:16:02 ----N---- C:\WINDOWS\system32\desktop.ini_create.cmd
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\SuperFinder.lng
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\lang
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\Images
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\FoxitReader
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\Data
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\Aide
2008-12-27 20:15:59 ----D---- C:\WINDOWS\pmcsnap
2008-12-27 20:15:50 ----D---- C:\Program Files\WSTARTUP
2008-12-27 20:15:49 ----D---- C:\Program Files\UTILS
2008-12-27 20:15:49 ----D---- C:\Program Files\JEUX
2008-12-27 20:15:06 ----ASH---- C:\Documents and Settings\Zepiii\Application Data\desktop.ini
2008-12-27 20:15:05 ----SD---- C:\Documents and Settings\Zepiii\Application Data\Microsoft
2008-12-27 20:14:00 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-27 20:13:58 ----D---- C:\WINDOWS\Prefetch
2008-12-27 20:13:49 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-27 20:13:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-27 20:08:35 ----D---- C:\WINDOWS\system32\xircom
2008-12-27 20:08:35 ----D---- C:\WINDOWS\srchasst
2008-12-27 20:08:35 ----D---- C:\WINDOWS\msagent
2008-12-27 20:08:35 ----D---- C:\Program Files\xerox
2008-12-27 20:08:35 ----D---- C:\Program Files\microsoft frontpage
2008-12-27 20:08:07 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-12-27 20:07:47 ----A---- C:\WINDOWS\control.ini
2008-12-27 20:07:34 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-27 20:07:29 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-12-27 20:06:15 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-27 20:06:09 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-27 20:06:02 ----HD---- C:\Program Files\WindowsUpdate
2008-12-27 20:05:16 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-27 20:05:15 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-27 20:05:15 ----A---- C:\WINDOWS\desktop.ini
2008-12-27 20:05:11 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-27 20:05:09 ----D---- C:\Program Files\Fichiers communs\Services
2008-12-27 20:05:09 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-27 20:05:05 ----SD---- C:\WINDOWS\Tasks
2008-12-27 20:05:05 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-27 20:05:04 ----D---- C:\Program Files\Fichiers communs\MSSoap
2008-12-27 20:05:00 ----D---- C:\WINDOWS\system32\Macromed
2008-12-27 20:04:57 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-27 20:04:57 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-27 20:04:57 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-27 20:04:57 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-27 20:04:55 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-27 20:04:55 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-27 20:04:55 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-27 20:04:55 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-27 20:04:50 ----D---- C:\Program Files\Movie Maker
2008-12-27 20:04:45 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-27 20:04:45 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-27 20:04:45 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-27 20:04:45 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-27 20:04:39 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-12-27 20:04:39 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-27 20:04:38 ----D---- C:\WINDOWS\system32\Restore
2008-12-27 20:04:38 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-27 20:04:38 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-27 20:04:37 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-27 20:04:37 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-27 20:04:32 ----D---- C:\Program Files\NetMeeting
2008-12-27 20:04:32 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-27 20:04:32 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-27 20:04:30 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-27 20:04:30 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-27 20:04:28 ----D---- C:\Program Files\Outlook Express
2008-12-27 20:04:27 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-27 20:04:27 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-27 20:04:27 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-27 20:04:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-27 20:04:26 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-27 20:04:26 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-27 20:04:26 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-27 20:04:19 ----D---- C:\Program Files\Fichiers communs\System
2008-12-27 20:04:15 ----D---- C:\Program Files\Internet Explorer
2008-12-27 20:03:47 ----HD---- C:\Program Files\Uninstall Information
2008-12-27 20:03:27 ----D---- C:\Program Files\ComPlus Applications
2008-12-27 20:03:22 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-27 20:03:22 ----A---- C:\WINDOWS\vb.ini
2008-12-27 20:03:13 ----D---- C:\WINDOWS\Registration
2008-12-27 20:02:59 ----D---- C:\Program Files\Windows Media Player
2008-12-27 20:02:44 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-27 20:02:44 ----A---- C:\WINDOWS\system32\write.exe
2008-12-27 20:02:40 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-27 20:02:40 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-27 20:02:39 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-27 20:02:39 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-27 20:02:39 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-27 20:02:38 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-27 20:02:36 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-27 20:02:35 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-27 20:02:35 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-27 20:02:34 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-27 20:02:34 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-27 20:02:34 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-27 20:02:34 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-27 20:02:31 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-27 20:02:31 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-27 20:02:23 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-27 20:02:22 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-27 20:02:22 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-27 20:02:22 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-27 20:02:21 ----D---- C:\Program Files\Windows NT
2008-12-27 20:02:21 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-27 20:02:21 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-27 20:02:20 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-27 20:02:20 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-27 20:02:19 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-27 20:02:16 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-27 20:02:16 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-27 20:02:16 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-27 20:02:16 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-27 20:02:15 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-27 20:02:15 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-27 20:02:15 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-27 20:02:15 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-27 20:02:14 ----D---- C:\WINDOWS\system32\Com
2008-12-27 20:02:14 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-27 20:02:14 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-27 20:02:14 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-27 20:02:13 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-27 20:02:13 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-27 20:02:12 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-27 20:02:12 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-27 20:02:12 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-27 20:02:03 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-27 20:02:03 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-27 20:02:03 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-27 20:02:03 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2008-12-27 22:54:53 ----A---- C:\WINDOWS\win.ini
2008-12-27 20:58:41 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-27 17801]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [1999-09-10 25244]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-04 11904]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-12-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-28 1132544]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-22 175360]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-25 34048]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-25 276480]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-01-25 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-01-25 207616]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-12-13 61824]
R3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-04 28672]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-08 185824]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-25 703616]
S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
S3 avy8lw96;avy8lw96; C:\WINDOWS\system32\drivers\avy8lw96.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\Drivers\epm-shd.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-08-20 860160]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [2008-08-20 466944]
R2 S24EventMonitor;Intel® PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2008-08-20 905216]
S2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-01-06 611664]
S2 ACS;Service de configuration Atheros; C:\WINDOWS\system32\acs.exe [2009-01-06 36864]
S2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2009-01-06 68865]
S2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2009-01-06 151297]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-04-28 364544]
-----------------EOF-----------------
2008-12-27 20:39:16 ----D---- C:\WINDOWS\WinSxS
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Web
2008-12-27 20:39:16 ----D---- C:\WINDOWS\twain_32
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Temp
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\wins
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\wbem
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\usmt
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\spool
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\ShellExt
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\Setup
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\ras
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\PreInstall
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\oobe
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\npp
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\mui
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\IME
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\icsxml
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\ias
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\fr-fr
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\export
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\en
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\drivers
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\dhcp
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\config
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\3com_dmi
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\3076
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\2052
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1054
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1042
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1041
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1037
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1036
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1033
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1031
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1028
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32\1025
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system32
2008-12-27 20:39:16 ----D---- C:\WINDOWS\system
2008-12-27 20:39:16 ----D---- C:\WINDOWS\security
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Resources
2008-12-27 20:39:16 ----D---- C:\WINDOWS\repair
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Provisioning
2008-12-27 20:39:16 ----D---- C:\WINDOWS\PeerNet
2008-12-27 20:39:16 ----D---- C:\WINDOWS\pchealth
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Offline Web Pages
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Network Diagnostic
2008-12-27 20:39:16 ----D---- C:\WINDOWS\mui
2008-12-27 20:39:16 ----D---- C:\WINDOWS\msapps
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Media
2008-12-27 20:39:16 ----D---- C:\WINDOWS\java
2008-12-27 20:39:16 ----D---- C:\WINDOWS\inf
2008-12-27 20:39:16 ----D---- C:\WINDOWS\ime
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Help
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Fonts
2008-12-27 20:39:16 ----D---- C:\WINDOWS\ehome
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Driver Cache
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Debug
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Cursors
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Connection Wizard
2008-12-27 20:39:16 ----D---- C:\WINDOWS\Config
2008-12-27 20:39:16 ----D---- C:\WINDOWS\AppPatch
2008-12-27 20:39:16 ----D---- C:\WINDOWS\addins
2008-12-27 20:39:16 ----D---- C:\WINDOWS
2008-12-27 20:31:54 ----AD---- C:\WINDOWS\i386
2008-12-27 20:31:23 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-27 20:31:23 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-27 20:31:23 ----A---- C:\WINDOWS\system32\java.exe
2008-12-27 20:31:09 ----D---- C:\Program Files\Java
2008-12-27 20:31:09 ----D---- C:\Program Files\Fichiers communs\Java
2008-12-27 20:31:03 ----D---- C:\Documents and Settings\Zepiii\Application Data\Sun
2008-12-27 20:31:00 ----D---- C:\Documents and Settings\Zepiii\Application Data\Macromedia
2008-12-27 20:30:58 ----A---- C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
2008-12-27 20:30:58 ----A---- C:\WINDOWS\system32\NPSWF32.dll
2008-12-27 20:30:29 ----D---- C:\WINDOWS\system32\DRM
2008-12-27 20:29:56 ----D---- C:\Program Files\WMV9_VCM
2008-12-27 20:29:53 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-27 20:29:34 ----D---- C:\Program Files\Windows Media Connect 2
2008-12-27 20:28:42 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-12-27 20:28:22 ----D---- C:\Program Files\Microsoft Office
2008-12-27 20:27:26 ----D---- C:\WINDOWS\system32\windowspowershell
2008-12-27 20:25:31 ----D---- C:\WINDOWS\system32\URTTEMP
2008-12-27 20:19:13 ----RSD---- C:\WINDOWS\assembly
2008-12-27 20:18:53 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-27 20:17:29 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-12-27 20:17:29 ----A---- C:\WINDOWS\system32\wups2.dll
2008-12-27 20:17:01 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-27 20:16:55 ----D---- C:\Program Files\MSXML 4.0
2008-12-27 20:16:32 ----N---- C:\WINDOWS\system32\WinAudit.exe
2008-12-27 20:16:32 ----N---- C:\WINDOWS\system32\TCPOptimizer203fr.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\TweakUi.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\TransBar.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\SuperFinder.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\Starter.exe
2008-12-27 20:16:32 ----A---- C:\WINDOWS\system32\SMPSeesaw.exe
2008-12-27 20:16:31 ----N---- C:\WINDOWS\system32\Siw.exe
2008-12-27 20:16:31 ----N---- C:\WINDOWS\system32\Ntest.exe
2008-12-27 20:16:31 ----N---- C:\WINDOWS\system32\MGADiag.exe
2008-12-27 20:16:31 ----N---- C:\WINDOWS\system32\IcoSauve.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\shman.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\SendToRemove.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\SendToAdd.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\Refresh.exe
2008-12-27 20:16:31 ----A---- C:\WINDOWS\system32\pagedfrg.exe
2008-12-27 20:16:30 ----N---- C:\WINDOWS\system32\deadlink.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\WNASPI32.DLL
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\VB6STKIT.DLL
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\VB6FR.DLL
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\faview.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\Extinction.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\Enregistrer sous Test.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\Enregistrer sous Editeur.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\aspichk.exe
2008-12-27 20:16:30 ----A---- C:\WINDOWS\system32\Aide.exe
2008-12-27 20:16:12 ----A---- C:\WINDOWS\system32\Starter.exe.manifest
2008-12-27 20:16:05 ----N---- C:\WINDOWS\system32\WinAudit.ini
2008-12-27 20:16:05 ----N---- C:\WINDOWS\system32\oeminfo.ini
2008-12-27 20:16:05 ----A---- C:\WINDOWS\system32\TransBar.ini
2008-12-27 20:16:05 ----A---- C:\WINDOWS\system32\Starter.ini
2008-12-27 20:16:05 ----A---- C:\WINDOWS\system32\shman_lng.ini
2008-12-27 20:16:05 ----A---- C:\WINDOWS\system32\faview_lng.ini
2008-12-27 20:16:02 ----N---- C:\WINDOWS\system32\desktop.ini_create.cmd
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\SuperFinder.lng
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\lang
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\Images
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\FoxitReader
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\Data
2008-12-27 20:16:02 ----D---- C:\WINDOWS\system32\Aide
2008-12-27 20:15:59 ----D---- C:\WINDOWS\pmcsnap
2008-12-27 20:15:50 ----D---- C:\Program Files\WSTARTUP
2008-12-27 20:15:49 ----D---- C:\Program Files\UTILS
2008-12-27 20:15:49 ----D---- C:\Program Files\JEUX
2008-12-27 20:15:06 ----ASH---- C:\Documents and Settings\Zepiii\Application Data\desktop.ini
2008-12-27 20:15:05 ----SD---- C:\Documents and Settings\Zepiii\Application Data\Microsoft
2008-12-27 20:14:00 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-27 20:13:58 ----D---- C:\WINDOWS\Prefetch
2008-12-27 20:13:49 ----SD---- C:\WINDOWS\system32\Microsoft
2008-12-27 20:13:49 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-27 20:08:35 ----D---- C:\WINDOWS\system32\xircom
2008-12-27 20:08:35 ----D---- C:\WINDOWS\srchasst
2008-12-27 20:08:35 ----D---- C:\WINDOWS\msagent
2008-12-27 20:08:35 ----D---- C:\Program Files\xerox
2008-12-27 20:08:35 ----D---- C:\Program Files\microsoft frontpage
2008-12-27 20:08:07 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-12-27 20:07:47 ----A---- C:\WINDOWS\control.ini
2008-12-27 20:07:34 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-27 20:07:29 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-12-27 20:06:15 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-27 20:06:09 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-27 20:06:02 ----HD---- C:\Program Files\WindowsUpdate
2008-12-27 20:05:16 ----A---- C:\WINDOWS\system32\atrace.dll
2008-12-27 20:05:15 ----A---- C:\WINDOWS\system32\desktop.ini
2008-12-27 20:05:15 ----A---- C:\WINDOWS\desktop.ini
2008-12-27 20:05:11 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-12-27 20:05:09 ----D---- C:\Program Files\Fichiers communs\Services
2008-12-27 20:05:09 ----A---- C:\WINDOWS\system32\acctres.dll
2008-12-27 20:05:05 ----SD---- C:\WINDOWS\Tasks
2008-12-27 20:05:05 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-12-27 20:05:04 ----D---- C:\Program Files\Fichiers communs\MSSoap
2008-12-27 20:05:00 ----D---- C:\WINDOWS\system32\Macromed
2008-12-27 20:04:57 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-12-27 20:04:57 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-12-27 20:04:57 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-12-27 20:04:57 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wups.dll
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-12-27 20:04:56 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-12-27 20:04:55 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-12-27 20:04:55 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-12-27 20:04:55 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-12-27 20:04:55 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-12-27 20:04:50 ----D---- C:\Program Files\Movie Maker
2008-12-27 20:04:45 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-12-27 20:04:45 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-12-27 20:04:45 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-12-27 20:04:45 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-12-27 20:04:39 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-12-27 20:04:39 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-12-27 20:04:38 ----D---- C:\WINDOWS\system32\Restore
2008-12-27 20:04:38 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-12-27 20:04:38 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-12-27 20:04:37 ----A---- C:\WINDOWS\system32\srclient.dll
2008-12-27 20:04:37 ----A---- C:\WINDOWS\system32\ils.dll
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\msconf.dll
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-12-27 20:04:36 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-12-27 20:04:32 ----D---- C:\Program Files\NetMeeting
2008-12-27 20:04:32 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-12-27 20:04:32 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-12-27 20:04:30 ----A---- C:\WINDOWS\system32\inetres.dll
2008-12-27 20:04:30 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-12-27 20:04:28 ----D---- C:\Program Files\Outlook Express
2008-12-27 20:04:27 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-12-27 20:04:27 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-12-27 20:04:27 ----A---- C:\WINDOWS\system32\mstask.dll
2008-12-27 20:04:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-12-27 20:04:26 ----A---- C:\WINDOWS\system32\isign32.dll
2008-12-27 20:04:26 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-12-27 20:04:26 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-12-27 20:04:19 ----D---- C:\Program Files\Fichiers communs\System
2008-12-27 20:04:15 ----D---- C:\Program Files\Internet Explorer
2008-12-27 20:03:47 ----HD---- C:\Program Files\Uninstall Information
2008-12-27 20:03:27 ----D---- C:\Program Files\ComPlus Applications
2008-12-27 20:03:22 ----A---- C:\WINDOWS\vbaddin.ini
2008-12-27 20:03:22 ----A---- C:\WINDOWS\vb.ini
2008-12-27 20:03:13 ----D---- C:\WINDOWS\Registration
2008-12-27 20:02:59 ----D---- C:\Program Files\Windows Media Player
2008-12-27 20:02:44 ----D---- C:\Program Files\MSN Gaming Zone
2008-12-27 20:02:44 ----A---- C:\WINDOWS\system32\write.exe
2008-12-27 20:02:40 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-12-27 20:02:40 ----A---- C:\WINDOWS\system32\hticons.dll
2008-12-27 20:02:39 ----A---- C:\WINDOWS\system32\avwav.dll
2008-12-27 20:02:39 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-12-27 20:02:39 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-12-27 20:02:38 ----A---- C:\WINDOWS\system32\winchat.exe
2008-12-27 20:02:36 ----A---- C:\WINDOWS\system32\getuname.dll
2008-12-27 20:02:35 ----A---- C:\WINDOWS\system32\charmap.exe
2008-12-27 20:02:35 ----A---- C:\WINDOWS\system32\calc.exe
2008-12-27 20:02:34 ----A---- C:\WINDOWS\system32\winmine.exe
2008-12-27 20:02:34 ----A---- C:\WINDOWS\system32\sol.exe
2008-12-27 20:02:34 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-12-27 20:02:34 ----A---- C:\WINDOWS\system32\freecell.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tskill.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\tscon.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\shadow.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-12-27 20:02:33 ----A---- C:\WINDOWS\system32\reset.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\regini.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\msg.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\logoff.exe
2008-12-27 20:02:32 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-12-27 20:02:31 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-12-27 20:02:31 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\stclient.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-12-27 20:02:30 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-12-27 20:02:23 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-12-27 20:02:22 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-12-27 20:02:22 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-12-27 20:02:22 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-12-27 20:02:21 ----D---- C:\Program Files\Windows NT
2008-12-27 20:02:21 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-12-27 20:02:21 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-12-27 20:02:20 ----A---- C:\WINDOWS\system32\spider.exe
2008-12-27 20:02:20 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-12-27 20:02:19 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-12-27 20:02:18 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-12-27 20:02:17 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-12-27 20:02:16 ----D---- C:\WINDOWS\system32\MsDtc
2008-12-27 20:02:16 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-12-27 20:02:16 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-12-27 20:02:16 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-12-27 20:02:15 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-12-27 20:02:15 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-12-27 20:02:15 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-12-27 20:02:15 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-12-27 20:02:14 ----D---- C:\WINDOWS\system32\Com
2008-12-27 20:02:14 ----A---- C:\WINDOWS\system32\colbact.dll
2008-12-27 20:02:14 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-12-27 20:02:14 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-12-27 20:02:13 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-12-27 20:02:13 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-12-27 20:02:12 ----A---- C:\WINDOWS\system32\comuid.dll
2008-12-27 20:02:12 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-12-27 20:02:12 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-12-27 20:02:03 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-12-27 20:02:03 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-12-27 20:02:03 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-12-27 20:02:03 ----A---- C:\WINDOWS\system32\cmprops.dll
======List of files/folders modified in the last 1 months======
2008-12-27 22:54:53 ----A---- C:\WINDOWS\win.ini
2008-12-27 20:58:41 ----A---- C:\WINDOWS\system.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-10-30 75072]
R1 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-19 40320]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.2.0.3; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-27 17801]
R2 Aspi32;Aspi32; C:\WINDOWS\System32\drivers\aspi32.sys [1999-09-10 25244]
R2 irda;Protocole IrDA; C:\WINDOWS\system32\DRIVERS\irda.sys [2004-08-04 87424]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-03-17 13059]
R2 s24trans;Transport RLAN; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2008-08-04 11904]
R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2006-12-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-28 1132544]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2003-05-22 175360]
R3 CAMCAUD;Conexant AMC Audio; C:\WINDOWS\system32\drivers\camcaud.sys [2004-06-25 34048]
R3 CAMCHALA;CAMCHALA; C:\WINDOWS\system32\drivers\camchal.sys [2004-06-25 276480]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-04 14080]
R3 DKbFltr;Dritek HotKey Keyboard Filter Driver; C:\WINDOWS\System32\Drivers\DKbFltr.sys [2004-12-08 16896]
R3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2005-01-25 1038208]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2005-01-25 207616]
R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2006-12-13 61824]
R3 NSCIRDA;Pilote de périphérique infrarouge NSC; C:\WINDOWS\system32\DRIVERS\nscirda.sys [2004-08-04 28672]
R3 Rasirda;Miniport réseau étendu (IrDA); C:\WINDOWS\system32\DRIVERS\rasirda.sys [2001-08-17 19584]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-10-08 185824]
R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-03 26624]
R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-03 57600]
R3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-03 20480]
R3 w29n51;Pilote de carte de connexion réseau Intel(R) PRO/Wireless 2200BG pour Windows XP; C:\WINDOWS\system32\DRIVERS\w29n51.sys [2008-01-07 2216064]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2005-01-25 703616]
S3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
S3 avy8lw96;avy8lw96; C:\WINDOWS\system32\drivers\avy8lw96.sys []
S3 BthEnum;Pilote de bloc de demande Bluetooth; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2004-08-03 17024]
S3 BTHMODEM;Pilote de communication série Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2004-08-03 38016]
S3 BthPan;Périphérique Bluetooth (réseau personnel); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2004-08-03 100992]
S3 BTHPORT;Pilote de port Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2004-08-19 274944]
S3 BTHUSB;Pilote USB radio Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2004-08-03 18944]
S3 EpmShd;Acer EPM System Hardware Driver; \??\C:\WINDOWS\system32\Drivers\epm-shd.sys []
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2004-08-03 59648]
S3 usb_rndisx;USB RNDIS Adapter; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2005-10-21 12800]
S3 USBSTOR;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-08-20 860160]
R2 Irmon;Moniteur infrarouge; C:\WINDOWS\system32\svchost.exe [2004-08-19 14336]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [2008-08-20 466944]
R2 S24EventMonitor;Intel® PROSet/Wireless WiFi Service; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [2008-08-20 905216]
S2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2009-01-06 611664]
S2 ACS;Service de configuration Atheros; C:\WINDOWS\system32\acs.exe [2009-01-06 36864]
S2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2009-01-06 68865]
S2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2009-01-06 151297]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Service Partage réseau du Lecteur Windows Media; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-03 918016]
S4 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-04-28 364544]
-----------------EOF-----------------
Re,
==>>Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.<<===
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!
▶ Double-cliques sur l'.exe pour lancer l'installe et laisses toi guider ...
▶ Une fois fait, cliques sur le raccourci créé sur ton bureau pour lancer l'outil .
▶ Choisis l'option 1 ( "recherche") et tapes "entrée" .
▶Une fois le scan finit , un rapport va apparaître, copie/colles l'intégralité
de son contenu dans ta prochaine réponse ...
( le rapport est en outre sauvegardé ici -> C:\TB.txt )
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Tutoriel Toolbard-S&D
==>>Télécharge Toolbar-S&D (Team IDN) sur ton Bureau.<<===
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!
▶ Double-cliques sur l'.exe pour lancer l'installe et laisses toi guider ...
▶ Une fois fait, cliques sur le raccourci créé sur ton bureau pour lancer l'outil .
▶ Choisis l'option 1 ( "recherche") et tapes "entrée" .
▶Une fois le scan finit , un rapport va apparaître, copie/colles l'intégralité
de son contenu dans ta prochaine réponse ...
( le rapport est en outre sauvegardé ici -> C:\TB.txt )
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Tutoriel Toolbard-S&D
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : Zepiii ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:14 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:75 Go (Free:36 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( mer. 07/01/2009|11:55 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
C:\Program Files\DAEMON Tools Toolbar\Resources
C:\Program Files\DAEMON Tools Toolbar\uninst.exe
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome.manifest
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\install.rdf
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome\dttoolbar.jar
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.xpt
C:\Program Files\DAEMON Tools Toolbar\Resources\about.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\as.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\as.png
C:\Program Files\DAEMON Tools Toolbar\Resources\astro.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\az.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\b1.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\b1.png
C:\Program Files\DAEMON Tools Toolbar\Resources\BurnImage.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\buy.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\cond000.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond001.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond003.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond004.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond005.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond006.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond007.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond008.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond009.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond010.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond011.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond019.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond020.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond021.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond022.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond023.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond024.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond025.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond026.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond037.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond038.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond039.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond040.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond041.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond046.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond048.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond050.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond051.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond052.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond053.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond054.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond055.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond056.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond057.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond058.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond059.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond060.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond061.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond062.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond063.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond064.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond065.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond066.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond067.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond068.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond069.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond075.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond076.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond077.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond078.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond079.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond080.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond084.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond085.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond086.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond087.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond088.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond089.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond090.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond091.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond092.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond093.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond094.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond095.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond108.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond109.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond110.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond111.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond112.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond113.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond120.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond121.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond122.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond126.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond127.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond128.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond129.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond130.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond131.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond132.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond133.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond134.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond135.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond136.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond137.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond138.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond140.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond141.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond142.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond143.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond148.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond149.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond152.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond154.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond155.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond156.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond157.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\Config.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\d.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\d2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\daemon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ds.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dsearch.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\DTPro.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Dwnl.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\emulation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\features.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\gd.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\genre.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\globe.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GrabImage.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\hb.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\hb.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\help.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ip.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\lang.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\lingvo.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\m.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\mail.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuTr.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\next.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\none.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\none_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\noW.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\op.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\play.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\play_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\pragma.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\prev.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prod.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Radio.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioE.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioG.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioL.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioN.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioW.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Rss.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Rss1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rssClose.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rssL.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\rssOpen.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\size.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\size_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\skins.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\spt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\stop.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\style.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\time.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\toolbar.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\trans.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\u.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\vol.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_back.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wb.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wi.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi0.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi10.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi11.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi12.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi13.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi3.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi4.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi5.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi6.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi7.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi8.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi9.ico
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.fr/toolbar/ie8/sidebar.html"
"First Home Page"="https://www.google.fr/?gws_rd=ssl"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - mer. 07/01/2009|11:56 - Option : [1]
-----------\\ Fin du rapport a 11:56:06,65
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : Zepiii ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:14 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:75 Go (Free:36 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( mer. 07/01/2009|11:55 )
-----------\\ Recherche de Fichiers / Dossiers ...
C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
C:\Program Files\DAEMON Tools Toolbar\Resources
C:\Program Files\DAEMON Tools Toolbar\uninst.exe
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome.manifest
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\install.rdf
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome\dttoolbar.jar
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.xpt
C:\Program Files\DAEMON Tools Toolbar\Resources\about.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\AboutWindow.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\AddRadioStation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\as.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\as.png
C:\Program Files\DAEMON Tools Toolbar\Resources\astro.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\az.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\b1.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\b1.png
C:\Program Files\DAEMON Tools Toolbar\Resources\BurnImage.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\buy.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\cond000.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond001.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond003.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond004.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond005.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond006.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond007.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond008.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond009.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond010.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond011.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond019.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond020.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond021.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond022.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond023.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond024.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond025.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond026.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond037.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond038.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond039.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond040.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond041.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond046.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond048.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond050.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond051.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond052.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond053.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond054.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond055.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond056.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond057.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond058.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond059.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond060.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond061.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond062.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond063.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond064.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond065.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond066.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond067.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond068.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond069.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond075.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond076.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond077.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond078.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond079.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond080.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond084.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond085.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond086.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond087.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond088.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond089.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond090.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond091.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond092.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond093.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond094.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond095.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond108.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond109.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond110.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond111.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond112.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond113.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond120.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond121.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond122.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond126.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond127.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond128.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond129.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond130.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond131.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond132.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond133.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond134.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond135.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond136.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond137.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond138.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond140.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond141.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond142.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond143.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond148.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond149.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond152.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond154.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond155.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond156.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\cond157.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\Config.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\d.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\d2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\daemon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ds.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dsearch.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\dt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\DTPro.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Dwnl.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\emulation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\features.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GameCentrix.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\gd.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\genre.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\globe.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\GrabImage.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\hb.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\hb.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\help.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\ip.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\lang.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\lingvo.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\m.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\mail.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\mail_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioConfig.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRadioStation.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuRSCur.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\MenuTr.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\next.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\next_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\none.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\none_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\noW.gif
C:\Program Files\DAEMON Tools Toolbar\Resources\op.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\play.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\play_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\play_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\pragma.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\prev.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prev_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\prod.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Radio.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBg.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioBgMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDisp_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioDown_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioE.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioG.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioL.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLDotMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeft.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLeftMask.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioLM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioN.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioR.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRM.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioRU.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioVolume_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\RadioW.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Rss.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Rss1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rssClose.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\rssL.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\rssOpen.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\size.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\size_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\skins.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\spt.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\stop.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\stop_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\style.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\time.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\toolbar.xml
C:\Program Files\DAEMON Tools Toolbar\Resources\trans.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\u.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\vol.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_back.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_dott_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\vol_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wb.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
C:\Program Files\DAEMON Tools Toolbar\Resources\wi.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi0.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi1.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi10.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi11.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi12.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi13.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi2.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi3.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi4.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi5.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi6.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi7.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi8.ico
C:\Program Files\DAEMON Tools Toolbar\Resources\wi9.ico
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.fr/toolbar/ie8/sidebar.html"
"First Home Page"="https://www.google.fr/?gws_rd=ssl"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - mer. 07/01/2009|11:56 - Option : [1]
-----------\\ Fin du rapport a 11:56:06,65
Re,
Fais ceci maintenant :
▶ Nettoyage avec ToolBar S&D :
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!
▶Relances Toolbar-S&D en double-cliquant sur le raccourci.
▶ Tapes sur l'option 2 ( "nettoyage" ) puis tapes sur "Entrée".
Note : Ne touches à rien lors de la suppression !!
▶ Un rapport sera généré à la fin du processus : postes son contenu dans ta prochaine réponse
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Fais ceci maintenant :
▶ Nettoyage avec ToolBar S&D :
!! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!
▶Relances Toolbar-S&D en double-cliquant sur le raccourci.
▶ Tapes sur l'option 2 ( "nettoyage" ) puis tapes sur "Entrée".
Note : Ne touches à rien lors de la suppression !!
▶ Un rapport sera généré à la fin du processus : postes son contenu dans ta prochaine réponse
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : Zepiii ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:14 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:75 Go (Free:36 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( mer. 07/01/2009|12:06 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\DAEMON Tools Toolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.fr/toolbar/ie8/sidebar.html"
"First Home Page"="https://www.google.fr/?gws_rd=ssl"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - mer. 07/01/2009|11:56 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - mer. 07/01/2009|12:06 - Option : [2]
-----------\\ Fin du rapport a 12:06:41,87
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) M processor 1.73GHz )
BIOS : Phoenix NoteBIOS 4.0 Release 6.1
USER : Zepiii ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:14 Go (Free:7 Go)
D:\ (Local Disk) - NTFS - Total:75 Go (Free:36 Go)
E:\ (CD or DVD)
F:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( mer. 07/01/2009|12:06 )
-----------\\ SUPPRESSION
Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\DAEMON Tools Toolbar
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Search Page"="https://www.google.fr/?gws_rd=ssl"
"Search Bar"="http://www.google.fr/toolbar/ie8/sidebar.html"
"First Home Page"="https://www.google.fr/?gws_rd=ssl"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
1 - "C:\ToolBar SD\TB_1.txt" - mer. 07/01/2009|11:56 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - mer. 07/01/2009|12:06 - Option : [2]
-----------\\ Fin du rapport a 12:06:41,87
Re,
▶ Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte
▶ Mets le à jour
▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
▶ Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
▶ clique sur Rechercher
▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok
▶ Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.
▶ Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
▶ Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Tutoriel pour MalwareByte's
▶ Télécharge et installe MalwareByte's Anti-Malware
Malwarebyte
▶ Mets le à jour
▶ Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
▶ Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
▶ clique sur Rechercher
▶ Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok
▶ Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.
▶ Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection
▶ Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.
Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok
Si un rapport ne passe pas faire une alerte à la conciergerie avec le /!\ jaune.
Tutoriel pour MalwareByte's
Malwarebytes' Anti-Malware 1.32
Version de la base de données: 1627
Windows 5.1.2600 Service Pack 2
7/01/2009 12:45:16
mbam-log-2009-01-07 (12-45-16).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 101758
Temps écoulé: 25 minute(s), 21 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\My Progs\Carte d'acquisition\crack\Vegas6.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
Version de la base de données: 1627
Windows 5.1.2600 Service Pack 2
7/01/2009 12:45:16
mbam-log-2009-01-07 (12-45-16).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 101758
Temps écoulé: 25 minute(s), 21 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
D:\My Progs\Carte d'acquisition\crack\Vegas6.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
Simple détail au passage (si je suis déjà clean), j'ai essayé de lancer antivir, ce qui ne marche tjs pas.. peut être faut il désinstaller réinstaller?
Grand merci pour ton aide en tout cas...
Grand merci pour ton aide en tout cas...
Re,
Redémarre ton pc normalement et refait un log avec rsit et reposte le en deux fois .
Dit moi comment va ton pc?
Edit oui réinstalle le.
Redémarre ton pc normalement et refait un log avec rsit et reposte le en deux fois .
Dit moi comment va ton pc?
Edit oui réinstalle le.
PC Reboot...
Tjs qq petits problèmes :(
- rocket dock ne se relance tjs pas
- antivir ne se lance tjs pas, win32 invalide :(
- ad aware ne se lance
voici le post : RSIT
2 messages suivants
Tjs qq petits problèmes :(
- rocket dock ne se relance tjs pas
- antivir ne se lance tjs pas, win32 invalide :(
- ad aware ne se lance
voici le post : RSIT
2 messages suivants
Pardon... en 2 fois
PART 1 :
Logfile of random's system information tool 1.05 (written by random/random)
Run by Zepiii at 2009-01-07 13:04:21
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (50%) free of 15 GB
Total RAM: 1022 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:04:22, on 7/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Zepiii\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Zepiii\Bureau\Zepiii.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
PART 1 :
Logfile of random's system information tool 1.05 (written by random/random)
Run by Zepiii at 2009-01-07 13:04:21
Microsoft Windows XP Professionnel Service Pack 2
System drive C: has 8 GB (50%) free of 15 GB
Total RAM: 1022 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:04:22, on 7/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Atheros\ACU.exe
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\IcoSauve.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Zepiii\Bureau\RSIT.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Zepiii\Bureau\Zepiii.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/search?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [acerWireless] C:\Program Files\acer\Wireless\Utility\WlanUtil.exe
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ACU] "C:\Program Files\Atheros\ACU.exe" -nogui
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide1] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IcoSauve.lnk = C:\WINDOWS\system32\IcoSauve.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - cmdmapping - (no file) (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless WiFi Service (S24EventMonitor) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
